Signature Detail
Short Name |
HTTP:STC:CSS-STATUS-BAR-SPOOF |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Release Date |
2011/04/29 |
Update Number |
1912 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Multiple Browsers CSS Status Bar Spoof
This signature detects attempts to exploit known flaws in several common HTTP browsers, including Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and Apple Safari. Attackers can craft a web page using Cascading Style Sheets (CSS) to include links that indicate via the Status Bar that clicking on them would take you to one site, but instead take you to a different site. Attackers can use this to enhance the credibility of phishing attacks to entice a user to go to what they think is a trusted site but is instead a malicious site.
Extended Description
Microsoft Internet Explorer is prone to a weakness that may allow an attacker to obfuscate a malicious link. Successful exploits of this issue will cause the status bar to display spoofed content that may aid in further attacks. Microsoft Internet Explorer 9 is vulnerable; other versions may also be affected.
Affected Products
- Microsoft Internet Explorer 9
References
- BugTraq: 47547
- BugTraq: 47548
- BugTraq: 47549
- URL: http://xeyeteam.appspot.com/2011/04/15/IE-Chrome-Firefox-Status-Bar-Spoofing-Vulnerability.html
- URL: http://www.microsoft.com/windows/ie/default.mspx